Package: icinga-cgi Version: 1.6.1-2 Severity: minor
Hi. The current default in /etc/icinga/cgi.cfg for cgi_log_file is: /usr/share/icinga/htdocs/log/icinga-cgi.log Guess this is not only a quite bad place (/usr should not be touced, may be read-only, etc.) but also forbidden by the policy (yes I know logging is disabled by default). Can we perhaps find a better place? As it must be writable by the CGI user (at least per default www-data) /var/log doesn't work, neither /var/log/icinga (owned nagios:adm). My suggestions would be: 1) Let postinst create a file owned <cgi-user>:<cgi-user> in /var/log/icinga and use this as default file. 2) Change the owner group of /var/log/icinga itself. (guess that would be a worse solution). 3) Set just some dummy value to cgi_log_file, that makes the user clear, that he has to set something sane/safe, if he want's to use it. I would try to provide patches, if you decide what to do. Cheers, Chris. -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]

